diff --git a/cni/network/network_windows.go b/cni/network/network_windows.go index 6438744344..7ff68e9baf 100644 --- a/cni/network/network_windows.go +++ b/cni/network/network_windows.go @@ -37,8 +37,8 @@ var ( * Issue link: https://github.com/kubernetes/kubernetes/issues/57253 */ func (plugin *NetPlugin) handleConsecutiveAdd(args *cniSkel.CmdArgs, endpointId string, networkId string, - nwInfo *network.NetworkInfo, nwCfg *cni.NetworkConfig) (*cniTypesCurr.Result, error) { - + nwInfo *network.NetworkInfo, nwCfg *cni.NetworkConfig, +) (*cniTypesCurr.Result, error) { epInfo, _ := plugin.nm.GetEndpointInfo(networkId, endpointId) if epInfo == nil { return nil, nil @@ -141,13 +141,13 @@ func addSnatInterface(nwCfg *cni.NetworkConfig, result *cniTypesCurr.Result) { } func (plugin *NetPlugin) getNetworkName(netNs string, ipamAddResult *IPAMAddResult, nwCfg *cni.NetworkConfig) (string, error) { + determineWinVer() // For singletenancy, the network name is simply the nwCfg.Name if !nwCfg.MultiTenancy { return nwCfg.Name, nil } // in multitenancy case, the network name will be in the state file or can be built from cnsResponse - determineWinVer() if len(strings.TrimSpace(netNs)) == 0 { return "", fmt.Errorf("NetNs cannot be empty") } diff --git a/cns/azure-cns-windows.yaml b/cns/azure-cns-windows.yaml index f156eef142..1b0eba16cd 100644 --- a/cns/azure-cns-windows.yaml +++ b/cns/azure-cns-windows.yaml @@ -1,3 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: azure-cns + namespace: kube-system + labels: + addonmanager.kubernetes.io/mode: EnsureExists +--- apiVersion: apps/v1 kind: DaemonSet metadata: @@ -13,30 +21,31 @@ spec: metadata: labels: k8s-app: azure-cns-win + annotations: + cluster-autoscaler.kubernetes.io/daemonset-pod: "true" + prometheus.io/port: "10092" spec: securityContext: windowsOptions: hostProcess: true runAsUserName: "NT AUTHORITY\\SYSTEM" - hostNetwork: true containers: - name: cns-container - image: acnpublic.azurecr.io/azure-cns-win:v1.4.15-1-g1b238a3f9 + image: acnpublic.azurecr.io/azure-cns:v1.4.26-9-gc40fb852 imagePullPolicy: IfNotPresent - command: - ["%CONTAINER_SANDBOX_MOUNT_POINT%/usr/local/bin/azure-cns.exe"] - args: - [ - "-cns-url", - "tcp://$(CNSIpAddress):$(CNSPort)", - "-log-target", - "$(CNSLogTarget)", - "-log-location", - "$(CNSLogDirectory)", - "-store-file-path", - "$(CNSStoreFilePath)", - "-config-path", - "%CONTAINER_SANDBOX_MOUNT_POINT%\\$(CNS_CONFIGURATION_PATH)", + securityContext: + privileged: true + command: ["powershell.exe"] + args: + [ + '.\setkubeconfigpath.ps1', ";", + 'powershell.exe', '.\azure-cns.exe', + '-c', "tcp://$(CNSIpAddress):$(CNSPort)", + '-t', "$(CNSLogTarget)", + '-o', "$(CNSLogDir)", + '-storefilepath', "$(CNSStoreFilePath)", + '-config-path', "%CONTAINER_SANDBOX_MOUNT_POINT%\\$(CNS_CONFIGURATION_PATH)", + '--kubeconfig', '.\kubeconfig', ] volumeMounts: - name: log @@ -45,6 +54,9 @@ spec: mountPath: etc/azure-cns ports: - containerPort: 10090 + name: api + - containerPort: 10092 + name: metrics env: - name: CNSIpAddress value: "127.0.0.1" @@ -52,19 +64,18 @@ spec: value: "10090" - name: CNSLogTarget value: "stdoutfile" - - name: CNSLogDirectory - value: "C:\\k" + - name: CNSLogDir + value: /k - name: CNSStoreFilePath - value: "C:\\k\\" + value: /k/ - name: CNS_CONFIGURATION_PATH - value: "etc\\azure-cns\\cns_config.json" + value: etc/azure-cns/cns_config.json - name: NODENAME valueFrom: fieldRef: apiVersion: v1 - fieldPath: spec.nodeName - - name: KUBECONFIG - value: "C:\\k\\config" + fieldPath: spec.nodeName + hostNetwork: true volumes: - name: log hostPath: @@ -75,6 +86,7 @@ spec: name: cns-config nodeSelector: kubernetes.io/os: windows + serviceAccountName: azure-cns --- apiVersion: v1 kind: ConfigMap diff --git a/cns/kubeconfigtemplate.yaml b/cns/kubeconfigtemplate.yaml new file mode 100644 index 0000000000..601b2e103a --- /dev/null +++ b/cns/kubeconfigtemplate.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Config +clusters: +- name: kubernetes + cluster: + certificate-authority-data: + +contexts: +- name: azure-cns-win@kubernetes + context: + cluster: kubernetes + namespace: kube-system + user: azure-cns-win +current-context: azure-cns-win@kubernetes +users: +- name: azure-cns-win + user: + token: diff --git a/cns/service/main.go b/cns/service/main.go index a70d27f845..c2b1609ebd 100644 --- a/cns/service/main.go +++ b/cns/service/main.go @@ -910,11 +910,12 @@ func InitializeCRDState(ctx context.Context, httpRestService cns.HTTPService, cn // build default clientset. kubeConfig, err := ctrl.GetConfig() - kubeConfig.UserAgent = fmt.Sprintf("azure-cns-%s", version) if err != nil { logger.Errorf("[Azure CNS] Failed to get kubeconfig for request controller: %v", err) - return err + return errors.Wrap(err, "failed to get kubeconfig") } + kubeConfig.UserAgent = fmt.Sprintf("azure-cns-%s", version) + clientset, err := kubernetes.NewForConfig(kubeConfig) if err != nil { return errors.Wrap(err, "failed to build clientset") diff --git a/cns/singletenantcontroller/reconciler.go b/cns/singletenantcontroller/reconciler.go index fbd21c421f..8cfcee5b88 100644 --- a/cns/singletenantcontroller/reconciler.go +++ b/cns/singletenantcontroller/reconciler.go @@ -88,7 +88,6 @@ func (r *Reconciler) Reconcile(ctx context.Context, req reconcile.Request) (reco req, err = CreateNCRequestFromDynamicNC(nnc.Status.NetworkContainers[i]) // in dynamic, we will also push this NNC to the IPAM Pool Monitor when we're done. listenersToNotify = append(listenersToNotify, r.ipampoolmonitorcli) - } if err != nil { diff --git a/cns/windows.Dockerfile b/cns/windows.Dockerfile index e65f20cf4e..4bc2e1397b 100644 --- a/cns/windows.Dockerfile +++ b/cns/windows.Dockerfile @@ -5,18 +5,20 @@ ARG VERSION ARG CNS_AI_PATH ARG CNS_AI_ID -WORKDIR /usr/local/src/cns +WORKDIR /usr/src/cns +RUN mkdir /usr/bin/ # Copy the source COPY . . # Build cns -RUN $Env:CGO_ENABLED=0; go build -v -o /usr/local/bin/azure-cns.exe -ldflags """-X main.version=${env:VERSION} -X ${env:CNS_AI_PATH}=${env:CNS_AI_ID}""" -gcflags="-dwarflocationlists=true" ./cns/service +RUN $Env:CGO_ENABLED=0; go build -v -o /usr/bin/azure-cns.exe -ldflags """-X main.version=${env:VERSION} -X ${env:CNS_AI_PATH}=${env:CNS_AI_ID}""" -gcflags="-dwarflocationlists=true" ./cns/service # Copy into final image FROM mcr.microsoft.com/windows/servercore:ltsc2022 -COPY --from=builder /usr/local/bin/azure-cns.exe \ - /usr/local/bin/azure-cns.exe +COPY --from=builder /usr/src/cns/cns/kubeconfigtemplate.yaml kubeconfigtemplate.yaml +COPY --from=builder /usr/src/cns/npm/examples/windows/setkubeconfigpath.ps1 setkubeconfigpath.ps1 +COPY --from=builder /usr/bin/azure-cns.exe azure-cns.exe -ENTRYPOINT ["/usr/local/bin/azure-cns.exe"] +ENTRYPOINT ["azure-cns.exe"] EXPOSE 10090