Skip to content

Commit

Permalink
chore: update nv-ipam to v0.2.0 (#971)
Browse files Browse the repository at this point in the history 
This version contains support for static IPs and new CIDRPool API.

Changelog:
https://github.com/Mellanox/nvidia-k8s-ipam/releases/tag/v0.2.0
  • Loading branch information
@rollandf
rollandf committed Jun 16, 2024
2 parents ad89c88 + cc32b31 commit b14d5a2
Show file tree
Hide file tree
Showing 10 changed files with 294 additions and 4 deletions.
17 changes: 17 additions & 0 deletions config/rbac/role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -306,6 +306,23 @@ rules:
- get
- list
- watch
- apiGroups:
- nv-ipam.nvidia.com
resources:
- cidrpools
verbs:
- create
- get
- list
- watch
- apiGroups:
- nv-ipam.nvidia.com
resources:
- cidrpools/status
verbs:
- get
- patch
- update
- apiGroups:
- nv-ipam.nvidia.com
resources:
Expand Down
2 changes: 2 additions & 0 deletions controllers/nicclusterpolicy_controller.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,8 @@ type NicClusterPolicyReconciler struct {
// +kubebuilder:rbac:groups=config.openshift.io,resources=proxies;clusterversions,verbs=get;list;watch
// +kubebuilder:rbac:groups=nv-ipam.nvidia.com,resources=ippools,verbs=get;list;watch;create;
// +kubebuilder:rbac:groups=nv-ipam.nvidia.com,resources=ippools/status,verbs=get;update;patch;
// +kubebuilder:rbac:groups=nv-ipam.nvidia.com,resources=cidrpools,verbs=get;list;watch;create;
// +kubebuilder:rbac:groups=nv-ipam.nvidia.com,resources=cidrpools/status,verbs=get;update;patch;
// +kubebuilder:rbac:groups=cert-manager.io,resources=issuers;certificates,verbs=get;list;watch;create;update;patch;delete
// +kubebuilder:rbac:groups=admissionregistration.k8s.io,resources=validatingwebhookconfigurations,verbs=get;list;watch;create;update;patch;delete
// +kubebuilder:rbac:groups=image.openshift.io,resources=imagestreams,verbs=get;list;watch
Expand Down
2 changes: 2 additions & 0 deletions deployment/network-operator/templates/role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -325,6 +325,7 @@ rules:
- nv-ipam.nvidia.com
resources:
- ippools
- cidrpools
verbs:
- create
- get
Expand All @@ -334,6 +335,7 @@ rules:
- nv-ipam.nvidia.com
resources:
- ippools/status
- cidrpools/status
verbs:
- get
- patch
Expand Down
2 changes: 1 addition & 1 deletion deployment/network-operator/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -325,7 +325,7 @@ nvIpam:
deploy: false
image: nvidia-k8s-ipam
repository: ghcr.io/mellanox
version: v0.1.2
version: v0.2.0
enableWebhook: false
# imagePullSecrets: []
# containerResources:
Expand Down
2 changes: 1 addition & 1 deletion example/crs/mellanox.com_v1alpha1_nicclusterpolicy_cr-nvidia-ipam.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,5 +69,5 @@ spec:
nvIpam:
image: nvidia-k8s-ipam
repository: ghcr.io/mellanox
version: v0.1.2
version: v0.2.0
enableWebhook: false
2 changes: 1 addition & 1 deletion hack/release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ IpamPlugin:
nvIpam:
image: nvidia-k8s-ipam
repository: ghcr.io/mellanox
version: v0.1.2
version: v0.2.0
nicFeatureDiscovery:
image: nic-feature-discovery
repository: ghcr.io/mellanox
Expand Down
231 changes: 231 additions & 0 deletions manifests/state-nv-ipam-cni/005-nv-ipam.nvidia.com_cidrpools.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,231 @@
# 2024 NVIDIA CORPORATION & AFFILIATES
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.13.0
name: cidrpools.nv-ipam.nvidia.com
spec:
group: nv-ipam.nvidia.com
names:
kind: CIDRPool
listKind: CIDRPoolList
plural: cidrpools
singular: cidrpool
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.cidr
name: CIDR
type: string
- jsonPath: .spec.gatewayIndex
name: Gateway index
type: string
- jsonPath: .spec.perNodeNetworkPrefix
name: Per Node Network Prefix
type: integer
name: v1alpha1
schema:
openAPIV3Schema:
description: CIDRPool contains configuration for CIDR pool
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: CIDRPoolSpec contains configuration for CIDR pool
properties:
cidr:
description: pool CIDR block which will be split to smaller prefixes(size
is define in perNodeNetworkPrefix) and distributed between matching
nodes
type: string
exclusions:
description: contains reserved IP addresses that should not be allocated
by nv-ipam
items:
description: ExcludeRange contains range of IP addresses to exclude
from allocation startIP and endIP are part of the ExcludeRange
properties:
endIP:
type: string
startIP:
type: string
required:
- endIP
- startIP
type: object
type: array
gatewayIndex:
description: use IP with this index from the host prefix as a gateway,
skip gateway configuration if the value not set
type: integer
nodeSelector:
description: selector for nodes, if empty match all nodes
properties:
nodeSelectorTerms:
description: Required. A list of node selector terms. The terms
are ORed.
items:
description: A null or empty node selector term matches no objects.
The requirements of them are ANDed. The TopologySelectorTerm
type implements a subset of the NodeSelectorTerm.
properties:
matchExpressions:
description: A list of node selector requirements by node's
labels.
items:
description: A node selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: The label key that the selector applies
to.
type: string
operator:
description: Represents a key's relationship to a
set of values. Valid operators are In, NotIn, Exists,
DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the operator
is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. If the operator is Gt or Lt,
the values array must have a single element, which
will be interpreted as an integer. This array is
replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchFields:
description: A list of node selector requirements by node's
fields.
items:
description: A node selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: The label key that the selector applies
to.
type: string
operator:
description: Represents a key's relationship to a
set of values. Valid operators are In, NotIn, Exists,
DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the operator
is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. If the operator is Gt or Lt,
the values array must have a single element, which
will be interpreted as an integer. This array is
replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
x-kubernetes-map-type: atomic
type: array
required:
- nodeSelectorTerms
type: object
x-kubernetes-map-type: atomic
perNodeNetworkPrefix:
description: size of the network prefix for each host, the network
defined in "cidr" field will be split to multiple networks with
this size.
type: integer
staticAllocations:
description: static allocations for the pool
items:
description: CIDRPoolStaticAllocation contains static allocation
for a CIDR pool
properties:
gateway:
description: gateway for the node
type: string
nodeName:
description: name of the node for static allocation, can be
empty in case if the prefix should be preallocated without
assigning it for a specific node
type: string
prefix:
description: statically allocated prefix
type: string
required:
- prefix
type: object
type: array
required:
- cidr
- perNodeNetworkPrefix
type: object
status:
description: CIDRPoolStatus contains the IP prefixes allocated to nodes
properties:
allocations:
description: prefixes allocations for Nodes
items:
description: CIDRPoolAllocation contains prefix allocated for a
specific Node
properties:
gateway:
description: gateway for the node
type: string
nodeName:
description: name of the node which owns this allocation
type: string
prefix:
description: allocated prefix
type: string
required:
- nodeName
- prefix
type: object
type: array
required:
- allocations
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
17 changes: 16 additions & 1 deletion manifests/state-nv-ipam-cni/005-nv-ipam.nvidia.com_ippools.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,22 @@ spec:
spec:
description: IPPoolSpec contains configuration for IP pool
properties:
exclusions:
description: contains reserved IP addresses that should not be allocated
by nv-ipam
items:
description: ExcludeRange contains range of IP addresses to exclude
from allocation startIP and endIP are part of the ExcludeRange
properties:
endIP:
type: string
startIP:
type: string
required:
- endIP
- startIP
type: object
type: array
gateway:
description: gateway for the pool
type: string
Expand Down Expand Up @@ -152,7 +168,6 @@ spec:
description: subnet of the pool
type: string
required:
- gateway
- perNodeBlockSize
- subnet
type: object
Expand Down
3 changes: 3 additions & 0 deletions manifests/state-nv-ipam-cni/020-cluster-role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ rules:
- nv-ipam.nvidia.com
resources:
- ippools
- cidrpools
verbs:
- get
- list
Expand Down Expand Up @@ -62,6 +63,7 @@ rules:
- nv-ipam.nvidia.com
resources:
- ippools
- cidrpools
verbs:
- get
- list
Expand All @@ -71,6 +73,7 @@ rules:
- nv-ipam.nvidia.com
resources:
- ippools/status
- cidrpools/status
verbs:
- get
- update
Expand Down
20 changes: 20 additions & 0 deletions manifests/state-nv-ipam-cni/035-webhook.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,4 +43,24 @@ webhooks:
resources:
- ippools
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: nv-ipam-webhook-service
namespace: {{ .RuntimeSpec.Namespace }}
path: /validate-nv-ipam-nvidia-com-v1alpha1-cidrpool
failurePolicy: Fail
name: validate-cidrpool.nv-ipam.nvidia.com
rules:
- apiGroups:
- nv-ipam.nvidia.com
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- cidrpools
sideEffects: None
{{ end }}

0 comments on commit b14d5a2

Please sign in to comment.