Merge pull request Nordix#32 from Nordix/dev

update nsp deployment handling due to meridio NSP API change

controllers/trench/nsp.go

@@ -13,8 +13,7 @@ import (
 )
 
 const (
-	nspEnvName = "NSP_PORT"
-	imageNsp   = "nsp"
+	imageNsp = "nsp"
 )
 
 type NspDeployment struct {
@@ -36,15 +35,21 @@ func NewNspDeployment(e *common.Executor, t *meridiov1alpha1.Trench) (*NspDeploy
 	return l, nil
 }
 
-func getEnvVars() []corev1.EnvVar {
-	// if envVars are set in the cr, use the values
-	// else return default envVars
-	return []corev1.EnvVar{
-		{
-			Name:  nspEnvName,
-			Value: fmt.Sprint(common.NspTargetPort),
-		},
+func (i *NspDeployment) getEnvVars(allEnv []corev1.EnvVar) []corev1.EnvVar {
+	ret := []corev1.EnvVar{}
+	for _, env := range allEnv {
+		switch env.Name {
+		case "NSP_PORT":
+			env.Value = fmt.Sprint(common.NspTargetPort)
+		case "NSP_CONFIG_MAP_NAME":
+			env.Value = common.ConfigMapName(i.trench)
+		case "NSP_NAMESPACE":
+		default:
+			i.exec.LogError(fmt.Errorf("env %s not expected", env.Name), "get env var error")
+		}
+		ret = append(ret, env)
 	}
+	return ret
 }
 
 func (i *NspDeployment) insertParameters(init *appsv1.Deployment) *appsv1.Deployment {
@@ -57,16 +62,25 @@ func (i *NspDeployment) insertParameters(init *appsv1.Deployment) *appsv1.Deploy
 	dep.ObjectMeta.Labels["app"] = nspDeploymentName
 	dep.Spec.Selector.MatchLabels["app"] = nspDeploymentName
 	dep.Spec.Template.ObjectMeta.Labels["app"] = nspDeploymentName
+	dep.Spec.Template.Spec.ServiceAccountName = common.ServiceAccountName(i.trench)
 
 	dep.Spec.Template.Spec.ImagePullSecrets = common.GetImagePullSecrets()
 
-	if dep.Spec.Template.Spec.Containers[0].Image == "" {
-		dep.Spec.Template.Spec.Containers[0].Image = fmt.Sprintf("%s/%s/%s:%s", common.Registry, common.Organization, imageNsp, common.Tag)
+	for k, container := range dep.Spec.Template.Spec.Containers {
+		switch name := container.Name; name {
+		case "nsp":
+			if container.Image == "" {
+				container.Image = fmt.Sprintf("%s/%s/%s:%s", common.Registry, common.Organization, imageNsp, common.Tag)
+			}
+			container.LivenessProbe = common.GetLivenessProbe(i.trench)
+			container.ReadinessProbe = common.GetReadinessProbe(i.trench)
+			container.Env = i.getEnvVars(container.Env)
+		default:
+			i.exec.LogError(fmt.Errorf("container %s not expected", name), "get container error")
+		}
+		dep.Spec.Template.Spec.Containers[k] = container
 	}
-	dep.Spec.Template.Spec.Containers[0].LivenessProbe = common.GetLivenessProbe(i.trench)
-	dep.Spec.Template.Spec.Containers[0].ReadinessProbe = common.GetReadinessProbe(i.trench)
 
-	dep.Spec.Template.Spec.Containers[0].Env = getEnvVars()
 	return dep
 }
 

deployment/ipam.yaml

@@ -16,7 +16,7 @@ spec:
     spec:
       containers:
         - name: ipam
-          image: # to be filed by operator
+          image: # to be filled by operator
           imagePullPolicy: # Kubernetes default according to image tag
           readinessProbe:
             exec:

deployment/lb-fe.yaml

@@ -15,7 +15,7 @@ spec:
       labels:
         app: lb-fe
     spec:
-      serviceAccountName: meridio
+      serviceAccountName: # to be filled by operator
       affinity:
         podAntiAffinity:
           requiredDuringSchedulingIgnoredDuringExecution:
@@ -32,10 +32,10 @@ spec:
           securityContext:
             privileged: true
           command: ["/bin/sh"]
-          args: # to be filed by operator according to trench
+          args: # to be filled by operator according to trench
       containers:
         - name: load-balancer
-          image: # to be filed by operator
+          image: # to be filled by operator
           imagePullPolicy: # Kubernetes default according to image tag
           readinessProbe:
             exec:
@@ -71,13 +71,13 @@ spec:
                 fieldRef:
                   fieldPath: metadata.namespace
             - name: NSM_CONFIG_MAP_NAME
-              value:  # to be filed by operator
+              value:  # to be filled by operator
             - name: NSM_CONNECT_TO
               value: unix:///var/lib/networkservicemesh/nsm.io.sock
             - name: NSM_SERVICE_NAME
-              value:  # to be filed by operator
+              value:  # to be filled by operator
             - name: NSM_NSP_SERVICE
-              value:  # Kubernetes default according to image tag
+              value:  # to be filled by operator
           volumeMounts:
             - name: spire-agent-socket
               mountPath: /run/spire/sockets
@@ -88,7 +88,7 @@ spec:
           securityContext:
             privileged: true
         - name: nsc
-          image: # to be filed by operator
+          image: # to be filled by operator
           imagePullPolicy: # Kubernetes default according to image tag
           env:
             - name: SPIFFE_ENDPOINT_SOCKET
@@ -111,7 +111,7 @@ spec:
               mountPath: /var/lib/networkservicemesh
               readOnly: true
         - name: fe
-          image: # to be filed by operator
+          image: # to be filled by operator
           imagePullPolicy: # Kubernetes default according to image tag
           env:
             - name: NFE_NAMESPACE
@@ -123,7 +123,7 @@ spec:
             - name: NFE_ECMP
               value: "true"
             - name: NFE_CONFIG_MAP_NAME
-              value: # to be filed by operator
+              value: # to be filled by operator
           securityContext:
             privileged: true
       volumes:

deployment/nse-vlan.yaml

@@ -16,7 +16,7 @@ spec:
     spec:
       containers:
         - name: nse
-          image: # to be filed by operator
+          image: # to be filled by operator
           imagePullPolicy: # Kubernetes default according to image tag
           env:
             - name: SPIFFE_ENDPOINT_SOCKET
@@ -28,15 +28,15 @@ spec:
             - name: NSE_CONNECT_TO
               value: unix:///var/lib/networkservicemesh/nsm.io.sock
             - name: NSE_VLAN_BASE_IFNAME
-              value: # to be filed by operator according to Attractor
+              value: # to be filled by operator according to Attractor
             - name: NSE_VLAN_ID
-              value: # to be filed by operator according to Attractor
+              value: # to be filled by operator according to Attractor
             - name: NSE_SERVICE_NAME
-              value: # to be filed by operator
+              value: # to be filled by operator
             - name: NSE_CIDR_PREFIX
-              value: # to be filed by operator according to Attractor
+              value: # to be filled by operator according to Attractor
             - name: NSE_IPV6_PREFIX
-              value: # to be filed by operator according to Attractor
+              value: # to be filled by operator according to Attractor
             - name: NSE_POINT2POINT
               value: "False"
           volumeMounts:

deployment/nsp.yaml

@@ -15,9 +15,10 @@ spec:
       labels:
         app: nsp
     spec:
+      serviceAccountName: # to be filled by operator
       containers:
         - name: nsp
-          image: # to be filed by operator
+          image: # to be filled by operator
           imagePullPolicy: # Kubernetes default according to image tag
           readinessProbe:
             exec:
@@ -43,4 +44,10 @@ spec:
             timeoutSeconds: 3
           env:
             - name: NSP_PORT
-              value: "7778"
+              value: # to be filled by operator
+            - name: NSP_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+            - name: NSP_CONFIG_MAP_NAME
+              value: # to be filled by operator

deployment/proxy.yaml

@@ -14,18 +14,18 @@ spec:
       labels:
         app: proxy
     spec:
-      serviceAccountName: meridio
+      serviceAccountName: # to be filled by operator
       initContainers:
         - name: sysctl-init
-          image: # to be filed by operator
+          image: # to be filled by operator
           imagePullPolicy: # Kubernetes default according to image tag
           securityContext:
             privileged: true
           command: ["/bin/sh"]
-          args: # to be filed by operator according to the Trench
+          args: # to be filled by operator according to the Trench
       containers:
         - name: proxy
-          image: # to be filed by operator
+          image: # to be filled by operator
           imagePullPolicy: # Kubernetes default according to image tag
           readinessProbe:
             exec:
@@ -65,19 +65,19 @@ spec:
                 fieldRef:
                   fieldPath: metadata.namespace
             - name: NSM_CONFIG_MAP_NAME
-              value: # to be filed by operator
+              value: # to be filled by operator
             - name: NSM_CONNECT_TO
               value: unix:///var/lib/networkservicemesh/nsm.io.sock
             - name: NSM_SERVICE_NAME
-              value: # to be filed by operator
+              value: # to be filled by operator
             - name: NSM_SUBNET_POOLS
-              value: # to be filed by operator
+              value: # to be filled by operator
             - name: NSM_SUBNET_PREFIX_LENGTHS
-              value: # to be filed by operator
+              value: # to be filled by operator
             - name: NSM_IPAM_SERVICE
-              value: # to be filed by operator
+              value: # to be filled by operator
             - name: NSM_NETWORK_SERVICE_NAME
-              value: # to be filed by operator
+              value: # to be filled by operator
           volumeMounts:
             - name: spire-agent-socket
               mountPath: /run/spire/sockets