From f56a48ab1fc21943e2b5e8c6bb5a587d9e46fa3e Mon Sep 17 00:00:00 2001 From: ThisIsQasim <18313886+ThisIsQasim@users.noreply.github.com> Date: Fri, 9 Aug 2024 21:02:52 +0500 Subject: [PATCH] Update multus to v4.1.0 and clarify cilium compatibility --- docs/CNI/multus.md | 10 ++++++++ .../defaults/main/download.yml | 2 +- roles/network_plugin/multus/defaults/main.yml | 1 - .../multus/templates/multus-daemonset.yml.j2 | 23 +++++++++++++++++-- 4 files changed, 32 insertions(+), 4 deletions(-) diff --git a/docs/CNI/multus.md b/docs/CNI/multus.md index 1f724848db3..98d7554f80b 100644 --- a/docs/CNI/multus.md +++ b/docs/CNI/multus.md @@ -17,6 +17,16 @@ kube_network_plugin_multus: true will install Multus and Calico and configure Multus to use Calico as the primary network plugin. +### Cilium compatibility + +If you are using `cilium` as the primary CNI you'll have to set `cilium_cni_exclusive` to `false` to avoid cillium reverting multus config. + +```yml +kube_network_plugin: cilium +kube_network_plugin_multus: true +cilium_cni_exclusive: false +``` + ## Using Multus Once Multus is installed, you can create CNI configurations (as a CRD objects) for additional networks, in this case a macvlan CNI configuration is defined. You may replace the config field with any valid CNI configuration where the CNI binary is available on the nodes. diff --git a/roles/kubespray-defaults/defaults/main/download.yml b/roles/kubespray-defaults/defaults/main/download.yml index d27e6c43d22..301af6d84f7 100644 --- a/roles/kubespray-defaults/defaults/main/download.yml +++ b/roles/kubespray-defaults/defaults/main/download.yml @@ -123,7 +123,7 @@ cilium_enable_hubble: false kube_ovn_version: "v1.11.5" kube_ovn_dpdk_version: "19.11-{{ kube_ovn_version }}" kube_router_version: "v2.0.0" -multus_version: "v3.8" +multus_version: "v4.1.0" helm_version: "v3.14.2" nerdctl_version: "1.7.4" krew_version: "v0.4.4" diff --git a/roles/network_plugin/multus/defaults/main.yml b/roles/network_plugin/multus/defaults/main.yml index c6b7ecd9705..2ddcc0f1a5c 100644 --- a/roles/network_plugin/multus/defaults/main.yml +++ b/roles/network_plugin/multus/defaults/main.yml @@ -6,5 +6,4 @@ multus_cni_run_dir_host: "/run" multus_cni_conf_dir: "{{ ('/host', multus_cni_conf_dir_host) | join }}" multus_cni_bin_dir: "{{ ('/host', multus_cni_bin_dir_host) | join }}" multus_cni_run_dir: "{{ ('/host', multus_cni_run_dir_host) | join }}" -multus_cni_version: "0.4.0" multus_kubeconfig_file_host: "{{ (multus_cni_conf_dir_host, '/multus.d/multus.kubeconfig') | join }}" diff --git a/roles/network_plugin/multus/templates/multus-daemonset.yml.j2 b/roles/network_plugin/multus/templates/multus-daemonset.yml.j2 index 10c42c17513..719bb9c4fdf 100644 --- a/roles/network_plugin/multus/templates/multus-daemonset.yml.j2 +++ b/roles/network_plugin/multus/templates/multus-daemonset.yml.j2 @@ -32,16 +32,34 @@ spec: tolerations: - operator: Exists serviceAccountName: multus + initContainers: + - name: install-multus-binary + image: {{ multus_image_repo }}:{{ multus_image_tag }} + command: ["/install_multus"] + args: + - "--type" + - "thin" + resources: + requests: + cpu: "10m" + memory: "15Mi" + securityContext: + privileged: true + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - name: cnibin + mountPath: {{ multus_cni_bin_dir }} + mountPropagation: Bidirectional containers: - name: kube-multus image: {{ multus_image_repo }}:{{ multus_image_tag }} - command: ["/entrypoint.sh"] + command: ["/thin_entrypoint"] args: - "--cni-conf-dir={{ multus_cni_conf_dir }}" + - "--multus-autoconfig-dir={{ multus_cni_conf_dir }}" - "--cni-bin-dir={{ multus_cni_bin_dir }}" - "--multus-conf-file={{ multus_conf_file }}" - "--multus-kubeconfig-file-host={{ multus_kubeconfig_file_host }}" - - "--cni-version={{ multus_cni_version }}" resources: requests: cpu: "100m" @@ -55,6 +73,7 @@ spec: capabilities: add: ["SYS_ADMIN"] {% endif %} + terminationMessagePolicy: FallbackToLogsOnError volumeMounts: {% if container_manager == 'crio' %} - name: run