Adapting the documentation, and the official examples in preparation for the upcoming DANM 4.0 release.

Levovar · Levovar · commit 85879aa4d118 · 2019-07-05T17:50:22.000+02:00
Also adding extra demo materials showcasing the usage of the new APIs.
Changing two little validation mistakes discovered during document update:
- max allowed NID shall be 11, not 12
- host_device should not be allowed together with device_pool for non-SR-IOV networks as well
diff --git a/README.md b/README.md
diff --git a/example/4_0_examples/0_wrong_tconf.yaml b/example/4_0_examples/0_wrong_tconf.yaml
@@ -0,0 +1,9 @@
+apiVersion: danm.k8s.io/v1
+kind: TenantConfig
+metadata:
+  name: wrong-tconf
+hostDevices:
+- name: ens4
+  vniType: vlan
+networkIds:
+  flannel: flannel
diff --git a/example/4_0_examples/10_good_deployment.yaml b/example/4_0_examples/10_good_deployment.yaml
@@ -0,0 +1,25 @@
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+  name: test-deployment
+  namespace: default
+spec:
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: test-deployment
+      annotations:
+        danm.k8s.io/interfaces: |
+          [
+            {"tenantNetwork":"management", "ip":"dynamic"},
+            {"clusterNetwork":"external", "ip":"dynamic"},
+            {"tenantNetwork":"internal", "ip":"dynamic"}
+          ]
+    spec:
+      containers:
+      - name: busybox
+        image: busybox:latest
+        args:
+        - sleep
+        - "1000"
diff --git a/example/4_0_examples/11_allowed_default.yaml b/example/4_0_examples/11_allowed_default.yaml
@@ -0,0 +1,18 @@
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+  name: test-deployment
+  namespace: default
+spec:
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: test-deployment
+    spec:
+      containers:
+      - name: busybox
+        image: busybox:latest
+        args:
+        - sleep
+        - "1000"
diff --git a/example/4_0_examples/12_not_allowed_default.yaml b/example/4_0_examples/12_not_allowed_default.yaml
@@ -0,0 +1,18 @@
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+  name: test-deployment
+  namespace: kube-system
+spec:
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: test-deployment
+    spec:
+      containers:
+      - name: busybox
+        image: busybox:latest
+        args:
+        - sleep
+        - "1000"
diff --git a/example/4_0_examples/1_good_tconf.yaml b/example/4_0_examples/1_good_tconf.yaml
@@ -0,0 +1,13 @@
+apiVersion: danm.k8s.io/v1
+kind: TenantConfig
+metadata:
+  name: tconf
+hostDevices:
+- name: ens4
+  vniType: vlan
+  vniRange: 1000-2000
+- name: ens5
+  vniType: vlan
+  vniRange: 2000-3000
+networkIds:
+  flannel: flannel
diff --git a/example/4_0_examples/2_tnet_with_vlan.yaml b/example/4_0_examples/2_tnet_with_vlan.yaml
@@ -0,0 +1,17 @@
+apiVersion: danm.k8s.io/v1
+kind: TenantNetwork
+metadata:
+  name: internal
+  namespace: default
+spec:
+  NetworkID: internal
+  NetworkType: ipvlan
+  Options:
+    host_device: ens4
+    container_prefix: int
+    rt_tables: 200
+    vlan: 700
+    cidr: 10.240.1.0/24
+    allocation_pool:
+      start: 10.240.1.100
+      end: 10.240.1.200
diff --git a/example/4_0_examples/3_chosen_device.yaml b/example/4_0_examples/3_chosen_device.yaml
@@ -0,0 +1,16 @@
+apiVersion: danm.k8s.io/v1
+kind: TenantNetwork
+metadata:
+  name: internal
+  namespace: default
+spec:
+  NetworkID: internal
+  NetworkType: ipvlan
+  Options:
+    host_device: ens4
+    container_prefix: int
+    rt_tables: 200
+    cidr: 10.240.1.0/24
+    allocation_pool:
+      start: 10.240.1.100
+      end: 10.240.1.200
diff --git a/example/4_0_examples/4_random_device.yaml b/example/4_0_examples/4_random_device.yaml
@@ -0,0 +1,15 @@
+apiVersion: danm.k8s.io/v1
+kind: TenantNetwork
+metadata:
+  name: internal2
+  namespace: default
+spec:
+  NetworkID: internal2
+  NetworkType: ipvlan
+  Options:
+    container_prefix: int2
+    rt_tables: 200
+    cidr: 10.250.1.0/24
+    allocation_pool:
+      start: 10.250.1.100
+      end: 10.250.1.200
diff --git a/example/4_0_examples/5_wrong_device.yaml b/example/4_0_examples/5_wrong_device.yaml
@@ -0,0 +1,16 @@
+apiVersion: danm.k8s.io/v1
+kind: TenantNetwork
+metadata:
+  name: internal3
+  namespace: default
+spec:
+  NetworkID: internal3
+  NetworkType: ipvlan
+  Options:
+    host_device: ens6
+    container_prefix: int
+    rt_tables: 200
+    cidr: 10.251.1.0/24
+    allocation_pool:
+      start: 10.251.1.100
+      end: 10.251.1.200
diff --git a/example/4_0_examples/6_static_tnet.yaml b/example/4_0_examples/6_static_tnet.yaml
@@ -0,0 +1,8 @@
+apiVersion: danm.k8s.io/v1
+kind: TenantNetwork
+metadata:
+  name: management
+  namespace: default
+spec:
+  NetworkID: iknowitbetter
+  NetworkType: flannel
diff --git a/example/4_0_examples/7_default_cnet.yaml b/example/4_0_examples/7_default_cnet.yaml
@@ -0,0 +1,9 @@
+apiVersion: danm.k8s.io/v1
+kind: ClusterNetwork
+metadata:
+  name: default
+spec:
+  NetworkID: flannel
+  NetworkType: flannel
+  AllowedTenants:
+  - default
diff --git a/example/4_0_examples/8_external_cnet.yaml b/example/4_0_examples/8_external_cnet.yaml
@@ -0,0 +1,16 @@
+apiVersion: danm.k8s.io/v1
+kind: ClusterNetwork
+metadata:
+  name: external
+spec:
+  NetworkID: external
+  NetworkType: ipvlan
+  Options:
+    host_device: ens4
+    vlan: 500
+    container_prefix: ext
+    rt_tables: 100
+    cidr: 10.100.1.0/24
+    allocation_pool:
+      start: 10.100.1.100
+      end: 10.100.1.200
diff --git a/example/4_0_examples/9_wrong_deployment.yaml b/example/4_0_examples/9_wrong_deployment.yaml
@@ -0,0 +1,23 @@
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+  name: test-deployment
+  namespace: default
+spec:
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: test-deployment
+      annotations:
+        danm.k8s.io/interfaces: |
+          [
+            {"tenantNetwork":"management", "clusterNetwork":"external", "ip":"dynamic"}
+          ]
+    spec:
+      containers:
+      - name: busybox
+        image: busybox:latest
+        args:
+        - sleep
+        - "1000"
diff --git a/integration/bootstrap_networks/lightweight/flannel.yaml b/integration/bootstrap_networks/lightweight/flannel.yaml
@@ -0,0 +1,8 @@
+apiVersion: danm.k8s.io/v1
+kind: DanmNet
+metadata:
+  name: flannel
+  namespace: kube-system
+spec:
+  NetworkID: flannel
+  NetworkType: flannel 
diff --git a/integration/bootstrap_networks/production/flannel.yaml b/integration/bootstrap_networks/production/flannel.yaml
@@ -0,0 +1,8 @@
+apiVersion: danm.k8s.io/v1
+kind: TenantNetwork
+metadata:
+  name: flannel
+  namespace: kube-system
+spec:
+  NetworkID: flannel
+  NetworkType: flannel 
diff --git a/integration/crds/lightweight/DanmEp.yaml b/integration/crds/lightweight/DanmEp.yaml
diff --git a/integration/crds/lightweight/DanmNet.yaml b/integration/crds/lightweight/DanmNet.yaml
@@ -54,6 +54,8 @@ spec:
                 rt_tables:
                   type: integer
                   format: int32
+                  minimum: 0
+                  maximum: 255
                 net6:
                   type: string
                   pattern: '^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))$'
diff --git a/integration/crds/production/ClusterNetwork.yaml b/integration/crds/production/ClusterNetwork.yaml
@@ -58,6 +58,8 @@ spec:
                 rt_tables:
                   type: integer
                   format: int32
+                  minimum: 0
+                  maximum: 255
                 net6:
                   type: string
                   pattern: '^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))$'
diff --git a/integration/crds/production/DanmEp.yaml b/integration/crds/production/DanmEp.yaml
@@ -0,0 +1,15 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: danmeps.danm.k8s.io
+spec:
+  scope: Namespaced
+  group: danm.k8s.io
+  version: v1
+  names:
+    kind: DanmEp
+    plural: danmeps
+    singular: danmep
+    shortNames:
+    - de
+    - dep
diff --git a/integration/crds/production/TenantConfig.yaml b/integration/crds/production/TenantConfig.yaml
diff --git a/integration/crds/production/TenantNetwork.yaml b/integration/crds/production/TenantNetwork.yaml
@@ -54,6 +54,8 @@ spec:
                 rt_tables:
                   type: integer
                   format: int32
+                  minimum: 0
+                  maximum: 255
                 net6:
                   type: string
                   pattern: '^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))$'
diff --git a/pkg/admit/validators.go b/pkg/admit/validators.go
@@ -12,7 +12,7 @@ import (
 )
 
 const (
-  MaxNidLength = 12
+  MaxNidLength = 11
 )
 
 var (
@@ -127,6 +127,7 @@ func validateTenantNetRules(oldManifest, newManifest *danmtypes.DanmNet, opType
   }
   if opType == admissionv1.Update &&
     (newManifest.Spec.Options.Device  != oldManifest.Spec.Options.Device  ||
+     newManifest.Spec.Options.DevicePool  != oldManifest.Spec.Options.DevicePool  ||
      newManifest.Spec.Options.Vxlan   != oldManifest.Spec.Options.Vxlan   ||
      newManifest.Spec.Options.Vlan    != oldManifest.Spec.Options.Vlan) {
     return errors.New("Manually changing any one of host_device, vlan, or vxlan attributes is not allowed for TenantNetworks!")
@@ -189,6 +190,8 @@ func validateNeType(oldManifest, newManifest *danmtypes.DanmNet, opType admissio
     if newManifest.Spec.Options.DevicePool == "" || newManifest.Spec.Options.Device != "" {
       return errors.New("DevicePool must, and host_device cannot be provided for SR-IOV networks!")
     }
+  } else if newManifest.Spec.Options.Device != "" && newManifest.Spec.Options.DevicePool != "" {
+    return errors.New("DevicePool and host_device cannot be provided together!")
   }
   return nil
 }

Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,7 @@ import (`
`12`	`12`	`)`
`13`	`13`
`14`	`14`	`const (`
`15`		`- MaxNidLength = 12`
	`15`	`+ MaxNidLength = 11`
`16`	`16`	`)`
`17`	`17`
`18`	`18`	`var (`
`@@ -127,6 +127,7 @@ func validateTenantNetRules(oldManifest, newManifest *danmtypes.DanmNet, opType`
`127`	`127`	`}`
`128`	`128`	`if opType == admissionv1.Update &&`
`129`	`129`	`(newManifest.Spec.Options.Device != oldManifest.Spec.Options.Device \|\|`
	`130`	`+ newManifest.Spec.Options.DevicePool != oldManifest.Spec.Options.DevicePool \|\|`
`130`	`131`	`newManifest.Spec.Options.Vxlan != oldManifest.Spec.Options.Vxlan \|\|`
`131`	`132`	`newManifest.Spec.Options.Vlan != oldManifest.Spec.Options.Vlan) {`
`132`	`133`	`return errors.New("Manually changing any one of host_device, vlan, or vxlan attributes is not allowed for TenantNetworks!")`
`@@ -189,6 +190,8 @@ func validateNeType(oldManifest, newManifest *danmtypes.DanmNet, opType admissio`
`189`	`190`	`if newManifest.Spec.Options.DevicePool == "" \|\| newManifest.Spec.Options.Device != "" {`
`190`	`191`	`return errors.New("DevicePool must, and host_device cannot be provided for SR-IOV networks!")`
`191`	`192`	`}`
	`193`	`+ } else if newManifest.Spec.Options.Device != "" && newManifest.Spec.Options.DevicePool != "" {`
	`194`	`+ return errors.New("DevicePool and host_device cannot be provided together!")`
`192`	`195`	`}`
`193`	`196`	`return nil`
`194`	`197`	`}`