feat: [NPM] Restructure code and add deploy manifests #1203
Conversation
- Moved files from top level npm/ folder to their own respective folders for controller and daemon components - Generated new deployment manifests for each components and moved into the respective folders under npm/deploy Signed-off-by: Nitish Malhotra <nitishm@microsoft.com>
|
Checking this in for tracking. Will port to kustomize in follow up commits. |
Signed-off-by: Nitish Malhotra <nitishm@microsoft.com>
nitishm
requested review from
huntergregory,
matmerr and
vakalapa
and removed request for
matmerr and
vakalapa
nitishm
force-pushed
the
nitishm/feat/kubernetes-yamls-decomposed-mode
branch
4 times, most recently
from
e289220 to
479d729
Compare
Signed-off-by: Nitish Malhotra <nitishm@microsoft.com>
nitishm
force-pushed
the
nitishm/feat/kubernetes-yamls-decomposed-mode
branch
from
479d729 to
5360c30
Compare
| @@ -99,18 +99,12 @@ spec: | |||
| volumeMounts: | |||
| - name: xtables-lock | |||
| mountPath: /run/xtables.lock | |||
| - name: log | |||
There was a problem hiding this comment.
We will need to update this new file location for all tests
There was a problem hiding this comment.
@matmerr mentioned this is obsolete? Do the tests still use this?
There was a problem hiding this comment.
impacts these:
huntergregory
left a comment
huntergregory
left a comment
There was a problem hiding this comment.
This is awesome. We should consider better names for services. We are stuck with "npm-metrics-cluster-service" for vanilla npm and npm daemon for Prometheus backwards compatibility. Perhaps we should reserve the term "cluster-metrics" for this service only
| @@ -0,0 +1,24 @@ | |||
| --- | |||
| apiVersion: v1 | |||
| kind: ConfigMap | |||
There was a problem hiding this comment.
perhaps a better location: npm/profiles/
There was a problem hiding this comment.
or we could move profiles/ into deploy/ but there are dependencies on the profiles path
There was a problem hiding this comment.
Let's move profiles/ to deploy/profiles/ to keep everything together. Can we move all configmap yamls to this folder?
After moving the profiles/ folder, we'll need to update these (similar to the ones for moving azure-npm.yaml):
There was a problem hiding this comment.
Upstream the common practice is to add deployment manifests to the deploy folder. You keep your helm charts, kustomize, vanilla k8s yamls and any related manifests that get picked up by these resources.
The Configmaps are common to both overlays hence they are in the base folder. If you still think profiles should go there I am happy to do that :)
There was a problem hiding this comment.
makes sense. base/ seems good (as long as the current profiles are in the same folder, for testing sake)
There was a problem hiding this comment.
Lets not increase the scope of this PR, for now, keep it simple with the filename changes and we can do a separate effort/PR to standardize this process , wdygt ?
| @@ -0,0 +1,67 @@ | |||
|
|
|||
There was a problem hiding this comment.
nit: remove empty line
| @@ -0,0 +1,24 @@ | |||
| --- | |||
| apiVersion: v1 | |||
| kind: ConfigMap | |||
There was a problem hiding this comment.
where is this supposed to be used?
There was a problem hiding this comment.
similarly for npm-serviceaccount.yaml and rbac.yaml in the common/ folder
There was a problem hiding this comment.
Common across all deployments (aka overlays in kustomize)
| @@ -99,18 +99,12 @@ spec: | |||
| volumeMounts: | |||
| - name: xtables-lock | |||
| mountPath: /run/xtables.lock | |||
| - name: log | |||
There was a problem hiding this comment.
impacts these:
| - name: protocols | ||
| mountPath: /etc/protocols | ||
| - name: azure-npm-config | ||
| mountPath: /etc/azure-npm | ||
| hostNetwork: true | ||
| volumes: | ||
| - name: log |
There was a problem hiding this comment.
wondering why we are removing /var/log?
There was a problem hiding this comment.
@matmerr said we are using this in production anymore. I made an assumption it wasn't being used at all. I will add it back in :)
There was a problem hiding this comment.
Mat said we are or aren't?
There was a problem hiding this comment.
We are NOT logging to a file anymore so we can safely remove this.
| apiVersion: v1 | ||
| kind: Service | ||
| metadata: | ||
| name: npm-deamon-metrics-cluster-service |
There was a problem hiding this comment.
per our Prometheus discussion yesterday, we'll need to serve up the same "cluster-metrics" service that we have currently
azure-container-networking/npm/azure-npm.yaml
Line 130 in 6a63ac0
There was a problem hiding this comment.
If we add daemon-specific metrics to npm-metrics-cluster-service, then we'll need to update a scrape config owned by Container Insights team
There was a problem hiding this comment.
This is a good point. Can we discuss this on chat?
Signed-off-by: Nitish Malhotra <nitishm@microsoft.com>
…into nitishm/feat/kubernetes-yamls-decomposed-mode Signed-off-by: Nitish Malhotra <nitishm@microsoft.com>
|
Discussed offline: we can use one service for the daemon (whether for vanilla NPM or the fan-out mode), which will have 3+ endpoints. The current ones will be for customers:
and new endpoints can be for internal use |
Signed-off-by: Ubuntu <nitishm@acn-dev.a3ahweixzwte5k2rkdoyg14y4b.gx.internal.cloudapp.net>
Use the remote port for the client to connect to the k8s service port Signed-off-by: Nitish Malhotra <nitishm@microsoft.com>
Signed-off-by: Nitish Malhotra <nitishm@Ubuntu-21.10>
Signed-off-by: Nitish Malhotra <nitishm@microsoft.com>
| @@ -0,0 +1,10 @@ | |||
| allow_k8s_contexts('acn-dev-azure-cni') | |||
| default_registry('ttl.sh/nitishm-12390') | |||
There was a problem hiding this comment.
if this is an ephemeral image can we put it on acnpublic instead?
There was a problem hiding this comment.
I couldnt find how to provide the credentials (plus we don't want the credentials checked in). Need to look into this
| "k8s.io/klog" | ||
| ) | ||
|
|
||
| var aiMetadata string //nolint // aiMetadata is set in Makefile |
There was a problem hiding this comment.
will require further verification of how this is used, but this is set via the Makefile on build in the dockerfile. Not sure of implications with introducing it into subpackages, and/or if aiMetadata is even relevant in this scope if used in the parent npm/
npm/config/config.go
Outdated
| Address: "0.0.0.0", | ||
| Port: defaultGrpcPort, | ||
| Address: "0.0.0.0", | ||
| Port: defaultGrpcPort, |
There was a problem hiding this comment.
maybe ServerPort to be extra explicit alongside the RemotePort?
| "EnableV2NPM": false, | ||
| "PlaceAzureChainFirst": false | ||
| }, | ||
| "Transport": { |
There was a problem hiding this comment.
can we add this to examples/windows/* manifests too
Signed-off-by: Nitish Malhotra <nitishm@microsoft.com>
…://github.com/nitishm/azure-container-networking into nitishm/feat/kubernetes-yamls-decomposed-mode
…://github.com/nitishm/azure-container-networking into nitishm/feat/kubernetes-yamls-decomposed-mode
Signed-off-by: Nitish Malhotra <nitishm@microsoft.com>
|
/azp run |
|
Azure Pipelines successfully started running 2 pipeline(s). |
4 participants
for controller and daemon components
the respective folders under npm/deploy
Signed-off-by: Nitish Malhotra nitishm@microsoft.com
Reason for Change:
Issue Fixed:
Requirements:
Notes: