From 3e3ed9dbb31133b5175ff792a9636603b2df95e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Dulko?= Date: Wed, 16 Jan 2019 17:49:52 +0100 Subject: [PATCH] Remove way of running without kuryr-daemon Deploying without kuryr-daemon is deprecated since Rocky and we announced that it will be removed in the Rocky release notes. This commit removes all the code that allows that, updates the documentation, DevStack plugin and gates definitions. Implements: blueprint remove-non-daemon Change-Id: I65598d4a6ecb5c3dfde04dc5fefd7b02fc72a0cb --- .zuul.d/base.yaml | 1 + .zuul.d/multi-vif.yaml | 6 +- .zuul.d/multinode.yaml | 6 +- .zuul.d/octavia.yaml | 77 +++++++------------ .zuul.d/project.yaml | 38 +++++---- .zuul.d/sdn.yaml | 14 +--- cni_ds_init | 7 +- devstack/lib/kuryr_kubernetes | 13 +--- devstack/plugin.sh | 19 +---- doc/source/devref/kuryr_kubernetes_design.rst | 61 ++++----------- doc/source/installation/devstack/basic.rst | 3 - kuryr_kubernetes/cni/api.py | 20 ----- kuryr_kubernetes/cni/main.py | 10 +-- kuryr_kubernetes/cni/plugins/k8s_cni.py | 49 ------------ kuryr_kubernetes/config.py | 7 -- .../tests/unit/cni/plugins/test_k8s_cni.py | 67 ---------------- kuryr_kubernetes/tests/unit/cni/test_api.py | 57 -------------- kuryr_kubernetes/tests/unit/cni/test_main.py | 28 ------- .../remove-non-daemon-836e4825384b1b88.yaml | 5 ++ 19 files changed, 83 insertions(+), 405 deletions(-) delete mode 100644 kuryr_kubernetes/cni/plugins/k8s_cni.py delete mode 100644 kuryr_kubernetes/tests/unit/cni/plugins/test_k8s_cni.py create mode 100644 releasenotes/notes/remove-non-daemon-836e4825384b1b88.yaml diff --git a/.zuul.d/base.yaml b/.zuul.d/base.yaml index 38f4cf32f..98a4edc18 100644 --- a/.zuul.d/base.yaml +++ b/.zuul.d/base.yaml @@ -76,6 +76,7 @@ kubernetes-scheduler: true kubelet: true kuryr-kubernetes: true + kuryr-daemon: true zuul_copy_output: '{{ devstack_log_dir }}/kubernetes': 'logs' irrelevant-files: diff --git a/.zuul.d/multi-vif.yaml b/.zuul.d/multi-vif.yaml index 5e5e4ddd8..3109b7b8c 100644 --- a/.zuul.d/multi-vif.yaml +++ b/.zuul.d/multi-vif.yaml @@ -13,10 +13,10 @@ # limitations under the License. - job: - name: kuryr-kubernetes-tempest-daemon-openshift-octavia-multi-vif - parent: kuryr-kubernetes-tempest-daemon-openshift-octavia + name: kuryr-kubernetes-tempest-openshift-octavia-multi-vif + parent: kuryr-kubernetes-tempest-openshift-octavia description: | - Kuryr-Kubernetes tempest job using octavia, CNI daemon, Openshift and NPWG multi-vif driver + Kuryr-Kubernetes tempest job using octavia, Openshift and NPWG multi-vif driver vars: devstack_localrc: KURYR_MULTI_VIF_DRIVER: npwg_multiple_interfaces diff --git a/.zuul.d/multinode.yaml b/.zuul.d/multinode.yaml index a600ef64e..7151cbabb 100644 --- a/.zuul.d/multinode.yaml +++ b/.zuul.d/multinode.yaml @@ -13,7 +13,7 @@ # limitations under the License. - job: - name: kuryr-kubernetes-tempest-multinode-daemon-octavia-containerized + name: kuryr-kubernetes-tempest-multinode-octavia-containerized parent: kuryr-kubernetes-tempest-octavia description: | Kuryr-Kubernetes tempest multinode job using octavia @@ -55,8 +55,8 @@ voting: false - job: - name: kuryr-kubernetes-tempest-multinode-daemon-octavia-ha - parent: kuryr-kubernetes-tempest-multinode-daemon-octavia-containerized + name: kuryr-kubernetes-tempest-multinode-octavia-ha + parent: kuryr-kubernetes-tempest-multinode-octavia-containerized description: | Kuryr-Kubernetes tempest multinode job using octavia and running containerized in HA diff --git a/.zuul.d/octavia.yaml b/.zuul.d/octavia.yaml index 61af79f5e..a7c9d12d1 100644 --- a/.zuul.d/octavia.yaml +++ b/.zuul.d/octavia.yaml @@ -44,7 +44,6 @@ o-cw: true o-hk: true o-hm: true - kuryr-daemon: false - job: name: kuryr-kubernetes-tempest-octavia-centos-7 @@ -53,38 +52,29 @@ voting: false - job: - name: kuryr-kubernetes-tempest-daemon-octavia + name: kuryr-kubernetes-tempest-octavia-py36 parent: kuryr-kubernetes-tempest-octavia description: | - Kuryr-Kubernetes tempest job using octavia and CNI daemon - vars: - devstack_services: - kuryr-daemon: true - -- job: - name: kuryr-kubernetes-tempest-daemon-octavia-py36 - parent: kuryr-kubernetes-tempest-daemon-octavia - description: | - Tempest with Octavia, CNI daemon with DevStack running on Python 3.6 + Tempest with Octavia with DevStack running on Python 3.6 vars: devstack_localrc: USE_PYTHON3: true - job: - name: kuryr-kubernetes-tempest-daemon-containerized-octavia - parent: kuryr-kubernetes-tempest-daemon-octavia + name: kuryr-kubernetes-tempest-containerized-octavia + parent: kuryr-kubernetes-tempest-octavia description: | - Kuryr-Kubernetes tempest job using octavia, kuryr containerized and CNI daemon + Kuryr-Kubernetes tempest job using octavia, kuryr containerized vars: devstack_localrc: KURYR_K8S_CONTAINERIZED_DEPLOYMENT: true voting: false - job: - name: kuryr-kubernetes-tempest-daemon-containerized-octavia-l2 - parent: kuryr-kubernetes-tempest-daemon-containerized-octavia + name: kuryr-kubernetes-tempest-containerized-octavia-l2 + parent: kuryr-kubernetes-tempest-containerized-octavia description: | - Kuryr-Kubernetes tempest job using octavia in l2 mode, kuryr containerized and CNI daemon + Kuryr-Kubernetes tempest job using octavia in l2 mode, kuryr containerized vars: devstack_localrc: KURYR_K8S_OCTAVIA_MEMBER_MODE: L2 @@ -97,6 +87,9 @@ vars: devstack_localrc: DOCKER_CGROUP_DRIVER: "systemd" + KURYR_SUBNET_DRIVER: namespace + KURYR_SG_DRIVER: namespace + KURYR_ENABLED_HANDLERS: vif,lb,lbaasspec,namespace devstack_services: kubernetes-api: false kubernetes-controller-manager: false @@ -106,26 +99,13 @@ openshift-node: true openshift-dnsmasq: true openshift-dns: true - -- job: - name: kuryr-kubernetes-tempest-daemon-openshift-octavia - parent: kuryr-kubernetes-tempest-openshift-octavia - description: | - Kuryr-Kubernetes tempest job using octavia, CNI daemon and OpenShift - vars: - devstack_services: - kuryr-daemon: true - devstack_localrc: - KURYR_SUBNET_DRIVER: namespace - KURYR_SG_DRIVER: namespace - KURYR_ENABLED_HANDLERS: vif,lb,lbaasspec,namespace voting: false - job: - name: kuryr-kubernetes-tempest-daemon-containerized-octavia-pools-namespace + name: kuryr-kubernetes-tempest-containerized-octavia-pools-namespace description: | Tempest with Octavia, CNI daemon, containers, port pools and namespace subnet driver - parent: kuryr-kubernetes-tempest-daemon-containerized-octavia + parent: kuryr-kubernetes-tempest-containerized-octavia vars: devstack_localrc: KURYR_SUBNET_DRIVER: namespace @@ -136,10 +116,10 @@ KURYR_VIF_POOL_DRIVER: neutron - job: - name: kuryr-kubernetes-tempest-daemon-containerized-octavia-network-policy + name: kuryr-kubernetes-tempest-containerized-octavia-network-policy description: | Tempest with Octavia, CNI daemon, containers and network policy driver - parent: kuryr-kubernetes-tempest-daemon-containerized-octavia + parent: kuryr-kubernetes-tempest-containerized-octavia vars: tempest_test_regex: '^(kuryr_tempest_plugin.tests.scenario.test_network_policy.TestNetworkPolicyScenario)' devstack_localrc: @@ -149,11 +129,10 @@ voting: false - job: - name: kuryr-kubernetes-tempest-daemon-containerized-octavia-py36 + name: kuryr-kubernetes-tempest-containerized-octavia-py36 description: | - Tempest with Octavia, CNI daemon, containers with Kuryr running on - Python3.6 containers - parent: kuryr-kubernetes-tempest-daemon-containerized-octavia + Tempest with Octavia and Kuryr running on Python3.6 containers + parent: kuryr-kubernetes-tempest-containerized-octavia vars: devstack_localrc: KURYR_CONTAINERS_USE_PY3: True @@ -161,17 +140,17 @@ voting: true - job: - name: kuryr-kubernetes-tempest-daemon-containerized-openshift-octavia - description: Tempest with Octavia, CNI daemon enabled, containers and OpenShift - parent: kuryr-kubernetes-tempest-daemon-openshift-octavia + name: kuryr-kubernetes-tempest-containerized-openshift-octavia + description: Tempest with Octavia, containers and OpenShift + parent: kuryr-kubernetes-tempest-openshift-octavia vars: devstack_localrc: KURYR_K8S_CONTAINERIZED_DEPLOYMENT: true - job: - name: kuryr-kubernetes-tempest-daemon-containerized-openshift-octavia-serial - description: Tempest with Octavia running in serial, CNI daemon enabled, containers and OpenShift - parent: kuryr-kubernetes-tempest-daemon-containerized-openshift-octavia + name: kuryr-kubernetes-tempest-containerized-openshift-octavia-serial + description: Tempest with Octavia running in serial, containers and OpenShift + parent: kuryr-kubernetes-tempest-containerized-openshift-octavia vars: devstack_localrc: KURYR_K8S_SERIAL_TESTS: True @@ -179,8 +158,8 @@ - job: - name: kuryr-kubernetes-tempest-daemon-openshift-octavia-ingress - parent: kuryr-kubernetes-tempest-daemon-openshift-octavia + name: kuryr-kubernetes-tempest-openshift-octavia-ingress + parent: kuryr-kubernetes-tempest-openshift-octavia description: | Kuryr-Kubernetes tempest job using octavia, ingress controller and OpenShift vars: @@ -190,8 +169,8 @@ voting: false - job: - name: kuryr-kubernetes-tempest-daemon-containerized-octavia-crio - parent: kuryr-kubernetes-tempest-daemon-containerized-octavia + name: kuryr-kubernetes-tempest-containerized-octavia-crio + parent: kuryr-kubernetes-tempest-containerized-octavia nodeset: openstack-single-node-bionic vars: devstack_localrc: diff --git a/.zuul.d/project.yaml b/.zuul.d/project.yaml index 2e6f7166a..7fc0aeca5 100644 --- a/.zuul.d/project.yaml +++ b/.zuul.d/project.yaml @@ -17,33 +17,31 @@ check: jobs: - kuryr-kubernetes-tempest-octavia - - kuryr-kubernetes-tempest-daemon-octavia - - kuryr-kubernetes-tempest-daemon-openshift-octavia - - kuryr-kubernetes-tempest-daemon-containerized-octavia - - kuryr-kubernetes-tempest-daemon-containerized-ovn - - kuryr-kubernetes-tempest-daemon-octavia-py36 - - kuryr-kubernetes-tempest-daemon-containerized-octavia-py36 - - kuryr-kubernetes-tempest-multinode-daemon-octavia-containerized + - kuryr-kubernetes-tempest-openshift-octavia + - kuryr-kubernetes-tempest-containerized-octavia + - kuryr-kubernetes-tempest-containerized-ovn + - kuryr-kubernetes-tempest-octavia-py36 + - kuryr-kubernetes-tempest-containerized-octavia-py36 + - kuryr-kubernetes-tempest-multinode-octavia-containerized - kuryr-kubernetes-tempest-octavia-centos-7 gate: jobs: - kuryr-kubernetes-tempest-octavia - - kuryr-kubernetes-tempest-daemon-octavia - - kuryr-kubernetes-tempest-daemon-octavia-py36 - - kuryr-kubernetes-tempest-daemon-containerized-octavia-py36 + - kuryr-kubernetes-tempest-octavia-py36 + - kuryr-kubernetes-tempest-containerized-octavia-py36 experimental: jobs: - kuryr-kubernetes-tempest-dragonflow - - kuryr-kubernetes-tempest-daemon-containerized-openshift-octavia - - kuryr-kubernetes-tempest-daemon-containerized-octavia-l2 - - kuryr-kubernetes-tempest-daemon-containerized-octavia-pools-namespace - - kuryr-kubernetes-tempest-daemon-containerized-octavia-network-policy - - kuryr-kubernetes-tempest-daemon-containerized-openshift-octavia-serial - - kuryr-kubernetes-tempest-daemon-ovn - - kuryr-kubernetes-tempest-daemon-openshift-octavia-ingress - - kuryr-kubernetes-tempest-daemon-openshift-octavia-multi-vif - - kuryr-kubernetes-tempest-multinode-daemon-octavia-ha - - kuryr-kubernetes-tempest-daemon-containerized-octavia-crio + - kuryr-kubernetes-tempest-containerized-openshift-octavia + - kuryr-kubernetes-tempest-containerized-octavia-l2 + - kuryr-kubernetes-tempest-containerized-octavia-pools-namespace + - kuryr-kubernetes-tempest-containerized-octavia-network-policy + - kuryr-kubernetes-tempest-containerized-openshift-octavia-serial + - kuryr-kubernetes-tempest-ovn + - kuryr-kubernetes-tempest-openshift-octavia-ingress + - kuryr-kubernetes-tempest-openshift-octavia-multi-vif + - kuryr-kubernetes-tempest-multinode-octavia-ha + - kuryr-kubernetes-tempest-containerized-octavia-crio - project: templates: diff --git a/.zuul.d/sdn.yaml b/.zuul.d/sdn.yaml index 4de0c27db..5c1fcb448 100644 --- a/.zuul.d/sdn.yaml +++ b/.zuul.d/sdn.yaml @@ -41,23 +41,13 @@ q-dhcp: false q-meta: false q-trunk: true - kuryr-daemon: true voting: false - job: - name: kuryr-kubernetes-tempest-daemon-ovn + name: kuryr-kubernetes-tempest-containerized-ovn parent: kuryr-kubernetes-tempest-ovn description: | - Kuryr-Kubernetes tempest job using OVN, CNI daemon - vars: - devstack_services: - kuryr-daemon: true - -- job: - name: kuryr-kubernetes-tempest-daemon-containerized-ovn - parent: kuryr-kubernetes-tempest-daemon-ovn - description: | - Kuryr-Kubernetes tempest job using OVN, CNI daemon and Containerized + Kuryr-Kubernetes tempest job using OVN and Containerized vars: devstack_localrc: KURYR_K8S_CONTAINERIZED_DEPLOYMENT: true diff --git a/cni_ds_init b/cni_ds_init index 8e3ad2ec7..2085253d4 100755 --- a/cni_ds_init +++ b/cni_ds_init @@ -61,9 +61,4 @@ EOF cleanup deploy -# Start CNI daemon if required -if [ "$CNI_DAEMON" == "True" ]; then - exec kuryr-daemon --config-file /etc/kuryr/kuryr.conf -else - exec sleep infinity -fi +exec kuryr-daemon --config-file /etc/kuryr/kuryr.conf diff --git a/devstack/lib/kuryr_kubernetes b/devstack/lib/kuryr_kubernetes index 1202976bf..6acc5fcb9 100644 --- a/devstack/lib/kuryr_kubernetes +++ b/devstack/lib/kuryr_kubernetes @@ -583,9 +583,8 @@ EOF function generate_cni_daemon_set() { output_dir=$1 cni_health_server_port=$2 - cni_daemon=${3:-False} - cni_bin_dir=${4:-/opt/cni/bin} - cni_conf_dir=${5:-/etc/cni/net.d} + cni_bin_dir=${3:-/opt/cni/bin} + cni_conf_dir=${4:-/etc/cni/net.d} mkdir -p "$output_dir" rm -f ${output_dir}/cni_ds.yml cat >> "${output_dir}/cni_ds.yml" << EOF @@ -624,8 +623,6 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name - - name: CNI_DAEMON - value: "${cni_daemon}" securityContext: privileged: true volumeMounts: @@ -645,8 +642,7 @@ EOF mountPath: /var/run EOF fi - if [ "$cni_daemon" == "True" ]; then - cat >> "${output_dir}/cni_ds.yml" << EOF + cat >> "${output_dir}/cni_ds.yml" << EOF readinessProbe: httpGet: path: /ready @@ -659,9 +655,6 @@ EOF path: /alive port: ${cni_health_server_port} initialDelaySeconds: 60 -EOF - fi - cat >> "${output_dir}/cni_ds.yml" << EOF volumes: - name: bin hostPath: diff --git a/devstack/plugin.sh b/devstack/plugin.sh index 65188f621..97bfe4c50 100644 --- a/devstack/plugin.sh +++ b/devstack/plugin.sh @@ -99,8 +99,6 @@ function configure_kuryr { iniset "$KURYR_CONFIG" cni_health_server cg_path \ "/system.slice/system-devstack.slice/devstack@kuryr-daemon.service" fi - else - iniset "$KURYR_CONFIG" cni_daemon daemon_enabled False fi create_kuryr_cache_dir @@ -131,8 +129,6 @@ function configure_kuryr { } function generate_containerized_kuryr_resources { - local cni_daemon - cni_daemon=$1 if [[ $KURYR_CONTROLLER_REPLICAS -eq 1 ]]; then KURYR_CONTROLLER_HA="False" else @@ -892,9 +888,6 @@ function update_tempest_conf_file { if [[ "$KURYR_ENABLED_HANDLERS" =~ .*policy.* ]]; then iniset $TEMPEST_CONFIG kuryr_kubernetes network_policy_enabled True fi - if ! is_service_enabled kuryr-daemon; then - iniset $TEMPEST_CONFIG kuryr_kubernetes kuryr_daemon_enabled False - fi # NOTE(yboaron): Services with protocol UDP are supported in Kuryr # starting from Stein release iniset $TEMPEST_CONFIG kuryr_kubernetes test_udp_services True @@ -1038,11 +1031,7 @@ if [[ "$1" == "stack" && "$2" == "extra" ]]; then KURYR_FORCE_IMAGE_BUILD=$(trueorfalse False KURYR_FORCE_IMAGE_BUILD) if is_service_enabled kuryr-kubernetes || [[ ${KURYR_FORCE_IMAGE_BUILD} == "True" ]]; then if [ "$KURYR_K8S_CONTAINERIZED_DEPLOYMENT" == "True" ]; then - if is_service_enabled kuryr-daemon; then - build_kuryr_containers True - else - build_kuryr_containers False - fi + build_kuryr_containers fi fi @@ -1050,11 +1039,7 @@ if [[ "$1" == "stack" && "$2" == "extra" ]]; then /usr/local/bin/kubectl apply -f ${KURYR_HOME}/kubernetes_crds/kuryrnet.yaml /usr/local/bin/kubectl apply -f ${KURYR_HOME}/kubernetes_crds/kuryrnetpolicy.yaml if [ "$KURYR_K8S_CONTAINERIZED_DEPLOYMENT" == "True" ]; then - if is_service_enabled kuryr-daemon; then - generate_containerized_kuryr_resources True - else - generate_containerized_kuryr_resources False - fi + generate_containerized_kuryr_resources fi if [ "$KURYR_MULTI_VIF_DRIVER" == "npwg_multiple_interfaces" ]; then /usr/local/bin/kubectl apply -f ${KURYR_HOME}/kubernetes_crds/network_attachment_definition_crd.yaml diff --git a/doc/source/devref/kuryr_kubernetes_design.rst b/doc/source/devref/kuryr_kubernetes_design.rst index dd7409ff7..ad940f90e 100644 --- a/doc/source/devref/kuryr_kubernetes_design.rst +++ b/doc/source/devref/kuryr_kubernetes_design.rst @@ -194,19 +194,27 @@ CNI driver to complete pod handling. The NeutronPodVifDriver is the default driver that creates neutron port upon Pod addition and deletes port upon Pod removal. +CNI Driver +---------- + +CNI driver is just a thin client that passes CNI ADD and DEL requests to +kuryr-daemon instance via its HTTP API. It's simple Python executable that is +supposed to be called by kublet's CNI. + .. _cni-daemon: CNI Daemon ---------- CNI Daemon is a service that should run on every Kubernetes node. Starting from -Rocky release it should be seen as a default supported deployment option. -It is responsible for watching pod events on the node it's running on, -answering calls from CNI Driver and attaching VIFs when they are ready. In the -future it will also keep information about pooled ports in memory. This helps -to limit the number of processes spawned when creating multiple Pods, as a -single Watcher is enough for each node and CNI Driver will only wait on local -network socket for response from the Daemon. +Rocky release it should be seen as a default supported deployment option. And +running without it is impossible starting from Stein release. It is responsible +for watching pod events on the node it's running on, answering calls from CNI +Driver and attaching VIFs when they are ready. In the future it will also keep +information about pooled ports in memory. This helps to limit the number of +processes spawned when creating multiple Pods, as a single Watcher is enough +for each node and CNI Driver will only wait on local network socket for +response from the Daemon. Currently CNI Daemon consists of two processes i.e. Watcher and Server. Processes communicate between each other using Python's @@ -229,7 +237,7 @@ expected to be JSON). For reference see updated pod creation flow diagram: -.. image:: ../../images/pod_creation_flow_daemon.png +.. image:: ../../images/pod_creation_flow.png :alt: Controller-CNI-daemon interaction :align: center :width: 100% @@ -255,43 +263,6 @@ deserialized using o.vo's ``obj_from_primitive()`` method. When running in daemonized mode, CNI Driver will call CNI Daemon over those APIs to perform its tasks and wait on socket for result. -CNI Driver (deprecated) ------------------------ - -.. warning:: - Running with CNI Driver in this mode is deprecated since Rocky release. - Currently the preferred way of deploying kuryr-kubernetes is with - kuryr-daemon that takes over most of the CNI Driver tasks. In that case CNI - driver becomes a thin client that passes CNI ADD and DEL requests to - kuryr-daemon instance via its HTTP API. - -Kuryr kubernetes integration takes advantage of the kubernetes `CNI plugin -`_ and introduces -Kuryr-K8s CNI Driver. Based on design decision, kuryr-kubernetes -CNI Driver should get all information required to plug and bind Pod via -kubernetes control plane and should not depend on Neutron. CNI plugin/driver -is invoked in a blocking manner by kubelet (Kubernetes node agent), therefore -it is expected to return when either success or error state determined. - -Kuryr-K8s CNI Driver has 2 sources for Pod binding information: kubelet/node -environment and Kubernetes API. The Kuryr-K8s Controller Service and CNI share the -contract that defines Pod annotation that Controller Server adds and CNI -driver reads. The contract is `os_vif VIF -`_ - -With VIF object loaded from the Pod object annotation, the CNI driver performs -Pod plugging. Kuryr-K8s CNI driver uses ov_vif library to perform Pod plug and -unplug operations. The CNI driver should complete its job and return control to -Kubelet when all the network plugging is completed. -In the cases when Neutron initially creates port in 'Down' state, CNI driver -will plug the Pod, but will have to watch the Pod annotations for vif state -change to 'Active' before returning the control to the caller. - -.. image:: ../../images/pod_creation_flow.png - :alt: Controller-CNI interaction - :align: center - :width: 100% - Kubernetes Documentation ------------------------ diff --git a/doc/source/installation/devstack/basic.rst b/doc/source/installation/devstack/basic.rst index 8f487f28d..4fb517dda 100644 --- a/doc/source/installation/devstack/basic.rst +++ b/doc/source/installation/devstack/basic.rst @@ -48,9 +48,6 @@ Now edit ``devstack/local.conf`` to set up some initial options: omitted. * If you already have Docker installed on the machine, you can comment out line starting with ``enable_plugin devstack-plugin-container``. -* If you want to disable kuryr-daemon add ``disable_service kuryr-daemon`` - line. Please note that running without kuryr-daemon was deprecated in Rocky - release. Once ``local.conf`` is configured, you can start the installation: :: diff --git a/kuryr_kubernetes/cni/api.py b/kuryr_kubernetes/cni/api.py index f387fefe8..45dec6178 100644 --- a/kuryr_kubernetes/cni/api.py +++ b/kuryr_kubernetes/cni/api.py @@ -26,7 +26,6 @@ from os_vif.objects import base from oslo_log import log as logging from oslo_serialization import jsonutils -from kuryr_kubernetes.cni import utils from kuryr_kubernetes import config from kuryr_kubernetes import constants as k_const from kuryr_kubernetes import exceptions as k_exc @@ -129,25 +128,6 @@ class CNIRunner(object): return result -class CNIStandaloneRunner(CNIRunner): - - def __init__(self, plugin): - self._plugin = plugin - - def _add(self, params): - vif = self._plugin.add(params) - return self._vif_data(vif, params) - - def _delete(self, params): - self._plugin.delete(params) - - def prepare_env(self, env, stdin): - return utils.CNIParameters(env, stdin) - - def get_container_id(self, params): - return params.CNI_CONTAINERID - - class CNIDaemonizedRunner(CNIRunner): def _add(self, params): diff --git a/kuryr_kubernetes/cni/main.py b/kuryr_kubernetes/cni/main.py index 6b22fba32..3bb88fe29 100644 --- a/kuryr_kubernetes/cni/main.py +++ b/kuryr_kubernetes/cni/main.py @@ -21,11 +21,9 @@ import sys import os_vif from oslo_config import cfg from oslo_log import log as logging -from oslo_log import versionutils from oslo_serialization import jsonutils from kuryr_kubernetes.cni import api as cni_api -from kuryr_kubernetes.cni.plugins import k8s_cni from kuryr_kubernetes.cni import utils from kuryr_kubernetes import config from kuryr_kubernetes import constants as k_const @@ -56,13 +54,7 @@ def run(): k_objects.register_locally_defined_vifs() os_vif.initialize() - if CONF.cni_daemon.daemon_enabled: - runner = cni_api.CNIDaemonizedRunner() - else: - versionutils.deprecation_warning( - 'Deploying kuryr-kubernetes without kuryr-daemon service', 'R') - runner = cni_api.CNIStandaloneRunner(k8s_cni.K8sCNIPlugin()) - LOG.info("Using '%s' ", runner.__class__.__name__) + runner = cni_api.CNIDaemonizedRunner() def _timeout(signum, frame): runner._write_dict(sys.stdout, { diff --git a/kuryr_kubernetes/cni/plugins/k8s_cni.py b/kuryr_kubernetes/cni/plugins/k8s_cni.py deleted file mode 100644 index 90cab34d9..000000000 --- a/kuryr_kubernetes/cni/plugins/k8s_cni.py +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright (c) 2016 Mirantis, Inc. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -from kuryr_kubernetes import clients -from kuryr_kubernetes.cni import handlers as h_cni -from kuryr_kubernetes.cni.plugins import base as base_cni -from kuryr_kubernetes import constants as k_const -from kuryr_kubernetes import watcher as k_watcher - - -class K8sCNIPlugin(base_cni.CNIPlugin): - - def add(self, params): - self._setup(params) - self._pipeline.register(h_cni.AddHandler(params, self._done)) - self._watcher.start() - return self._vif - - def delete(self, params): - self._setup(params) - self._pipeline.register(h_cni.DelHandler(params, self._done)) - self._watcher.start() - - def _done(self, vif): - self._vif = vif - self._watcher.stop() - - def _setup(self, params): - clients.setup_kubernetes_client() - self._pipeline = h_cni.CNIPipeline() - self._watcher = k_watcher.Watcher(self._pipeline) - self._watcher.add( - "%(base)s/namespaces/%(namespace)s/pods" - "?fieldSelector=metadata.name=%(pod)s" % { - 'base': k_const.K8S_API_BASE, - 'namespace': params.args.K8S_POD_NAMESPACE, - 'pod': params.args.K8S_POD_NAME}) diff --git a/kuryr_kubernetes/config.py b/kuryr_kubernetes/config.py index b549e715c..1e0a976f6 100644 --- a/kuryr_kubernetes/config.py +++ b/kuryr_kubernetes/config.py @@ -31,13 +31,6 @@ kuryr_k8s_opts = [ ] daemon_opts = [ - cfg.BoolOpt('daemon_enabled', - help=_('Enable CNI Daemon configuration.'), - default=True, - deprecated_for_removal=True, - deprecated_reason="Deployment without kuryr-daemon is now " - "deprecated.", - deprecated_since="Rocky"), cfg.StrOpt('bind_address', help=_('Bind address for CNI daemon HTTP server. It is ' 'recommened to allow only local connections.'), diff --git a/kuryr_kubernetes/tests/unit/cni/plugins/test_k8s_cni.py b/kuryr_kubernetes/tests/unit/cni/plugins/test_k8s_cni.py deleted file mode 100644 index a38d56797..000000000 --- a/kuryr_kubernetes/tests/unit/cni/plugins/test_k8s_cni.py +++ /dev/null @@ -1,67 +0,0 @@ -# Copyright (c) 2017 NEC Corporation. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -import mock - -from kuryr_kubernetes.cni.plugins import k8s_cni -from kuryr_kubernetes import constants -from kuryr_kubernetes.tests import base as test_base - - -class TestK8sCNIPlugin(test_base.TestCase): - @mock.patch('kuryr_kubernetes.watcher.Watcher') - @mock.patch('kuryr_kubernetes.cni.handlers.CNIPipeline') - @mock.patch('kuryr_kubernetes.cni.handlers.DelHandler') - @mock.patch('kuryr_kubernetes.cni.handlers.AddHandler') - def _test_method(self, method, m_add_handler, m_del_handler, m_cni_pipe, - m_watcher_class): - self.passed_handler = None - - def _save_handler(params, handler): - self.passed_handler = handler - - def _call_handler(*args): - self.passed_handler(mock.sentinel.vif) - - m_add_handler.side_effect = _save_handler - m_del_handler.side_effect = _save_handler - - m_watcher = mock.MagicMock( - add=mock.MagicMock(), - start=mock.MagicMock(side_effect=_call_handler)) - m_watcher_class.return_value = m_watcher - - m_params = mock.MagicMock() - m_params.args.K8S_POD_NAMESPACE = 'k8s_pod_namespace' - m_params.args.K8S_POD_NAME = 'k8s_pod' - - cni_plugin = k8s_cni.K8sCNIPlugin() - result = getattr(cni_plugin, method)(m_params) - self.assertEqual(mock.sentinel.vif, cni_plugin._vif) - m_watcher.add.assert_called_with( - "%(base)s/namespaces/%(namespace)s/pods" - "?fieldSelector=metadata.name=%(pod)s" % { - 'base': constants.K8S_API_BASE, - 'namespace': m_params.args.K8S_POD_NAMESPACE, - 'pod': m_params.args.K8S_POD_NAME}) - - return result - - def test_add(self): - result = self._test_method('add') - self.assertEqual(result, mock.sentinel.vif) - - def test_delete(self): - self._test_method('delete') diff --git a/kuryr_kubernetes/tests/unit/cni/test_api.py b/kuryr_kubernetes/tests/unit/cni/test_api.py index ba451a261..c9e2bbf79 100644 --- a/kuryr_kubernetes/tests/unit/cni/test_api.py +++ b/kuryr_kubernetes/tests/unit/cni/test_api.py @@ -22,7 +22,6 @@ from oslo_config import cfg from oslo_serialization import jsonutils from kuryr_kubernetes.cni import api -from kuryr_kubernetes.cni.plugins import k8s_cni from kuryr_kubernetes.tests import base as test_base from kuryr_kubernetes.tests import fake @@ -51,62 +50,6 @@ class TestCNIRunnerMixin(object): self.assertEqual(api.CNIRunner.VERSION, result['cniVersion']) -class TestCNIStandaloneRunner(test_base.TestCase, TestCNIRunnerMixin): - def setUp(self): - super(TestCNIStandaloneRunner, self).setUp() - self.runner = api.CNIStandaloneRunner(k8s_cni.K8sCNIPlugin()) - - @mock.patch('kuryr_kubernetes.cni.plugins.k8s_cni.K8sCNIPlugin.add') - def test_run_add(self, m_k8s_add): - vif = fake._fake_vif() - m_k8s_add.return_value = vif - m_fin = StringIO() - m_fout = StringIO() - container_id = 'a4181c680a39' - env = { - 'CNI_COMMAND': 'ADD', - 'CNI_CONTAINERID': container_id, - 'CNI_ARGS': 'foo=bar', - } - self.runner.run(env, m_fin, m_fout) - self.assertTrue(m_k8s_add.called) - self.assertEqual('foo=bar', m_k8s_add.call_args[0][0].CNI_ARGS) - result = jsonutils.loads(m_fout.getvalue()) - self.assertDictEqual( - {"cniVersion": '0.3.1', - "dns": {"nameservers": ["192.168.0.1"]}, - "ips": [ - { - "version": "4", - "gateway": "192.168.0.1", - "address": "192.168.0.2/24", - "interface": 0, - }], - "interfaces": [ - { - "name": vif.vif_name, - "mac": vif.address, - "sandbox": container_id, - }], - "routes": []}, - result) - - @mock.patch('kuryr_kubernetes.cni.plugins.k8s_cni.K8sCNIPlugin.delete') - def test_run_del(self, m_k8s_delete): - vif = fake._fake_vif() - m_k8s_delete.return_value = vif - m_fin = StringIO() - m_fout = StringIO() - env = { - 'CNI_COMMAND': 'DEL', - 'CNI_CONTAINERID': 'a4181c680a39', - 'CNI_ARGS': 'foo=bar', - } - self.runner.run(env, m_fin, m_fout) - self.assertTrue(m_k8s_delete.called) - self.assertEqual('foo=bar', m_k8s_delete.call_args[0][0].CNI_ARGS) - - @mock.patch('requests.post') class TestCNIDaemonizedRunner(test_base.TestCase, TestCNIRunnerMixin): def setUp(self): diff --git a/kuryr_kubernetes/tests/unit/cni/test_main.py b/kuryr_kubernetes/tests/unit/cni/test_main.py index 2440068eb..25d2ffff2 100644 --- a/kuryr_kubernetes/tests/unit/cni/test_main.py +++ b/kuryr_kubernetes/tests/unit/cni/test_main.py @@ -15,8 +15,6 @@ import mock -from oslo_config import cfg - from kuryr_kubernetes.cni import main from kuryr_kubernetes.tests import base as test_base @@ -37,32 +35,6 @@ class TestCNIMain(test_base.TestCase): m_cni_dr.return_value = mock.MagicMock() m_cni_daemon = m_cni_dr.return_value - cfg.CONF.set_override('daemon_enabled', True, group='cni_daemon') - - main.run() - - m_config_init.assert_called() - m_setup_logging.assert_called() - m_cni_daemon.run.assert_called() - m_sysexit.assert_called() - - @mock.patch('kuryr_kubernetes.cni.main.jsonutils.load') - @mock.patch('sys.exit') - @mock.patch('sys.stdin') - @mock.patch('kuryr_kubernetes.cni.utils.CNIConfig') - @mock.patch('kuryr_kubernetes.cni.api') - @mock.patch('kuryr_kubernetes.config.init') - @mock.patch('kuryr_kubernetes.config.setup_logging') - @mock.patch('kuryr_kubernetes.cni.api.CNIStandaloneRunner') - def test_standalone_run(self, m_cni_sr, m_setup_logging, m_config_init, - m_api, m_conf, m_sys, m_sysexit, m_json): - m_conf.debug = mock.Mock() - m_conf.debug.return_value = True - m_cni_sr.return_value = mock.MagicMock() - m_cni_daemon = m_cni_sr.return_value - - cfg.CONF.set_override('daemon_enabled', False, group='cni_daemon') - main.run() m_config_init.assert_called() diff --git a/releasenotes/notes/remove-non-daemon-836e4825384b1b88.yaml b/releasenotes/notes/remove-non-daemon-836e4825384b1b88.yaml new file mode 100644 index 000000000..4978a85fc --- /dev/null +++ b/releasenotes/notes/remove-non-daemon-836e4825384b1b88.yaml @@ -0,0 +1,5 @@ +--- +upgrade: + - | + As announced, possiblity of running Kuryr-Kubernetes without kuryr-daemon + service is now removed from the project and considered not supported.