Use hostNetwork for sriov-cni daemonset #149
Conversation
|
/lgtm |
|
Considering the job of the sriov-cni daemon is just to put the CNI binary to the node, it's a one-time job. Can we remove this DS, and put it as the init container of sriov network config daemon? |
|
@zshi-redhat Could you explain why this is needed? I don't understand the need to give the DS this privilege since its only function is to place the binary in cni bin dir. |
zshi-redhat
force-pushed
the
sriov-cni-hostnetwork
branch
from
e843806
to
2023207
Compare
@martinkennelly This is related to the ovn hardware offload use case. When it is enable on the worker node with ovn-kubernetes CNI, we can no longer create regular veth pods on that particular node since openvswitch is offloaded to the SmartNIC system (vs on the host). Discussed with @pliurh , we were thinking to delete sriov-cni daemonset and add it as a container in sriov-config-daemon pod. |
|
/lgtm @zshi-redhat mind updating commit message why we are moving sriov-cni container to sriov-config-daemon ? this also has the benefit of reducing the resources this operator creates (one less daemonset that k8s needs to monitor) |
zshi-redhat
force-pushed
the
sriov-cni-hostnetwork
branch
from
2023207
to
25d17eb
Compare
Updated commit message. |
|
I have not tested this change (no e2e test ci yet :( ), so @zshi-redhat if you have done some testing internally this can be merged IMO |
I built customized image and tried to create a policy, it worked as expected: no sriov-cni daemonset was created, sriov-cofig-daemon was created with several containers, including sriov-cni. |
|
We also need to remove the legacy daemonsets of the CNI-plugins during an upgrade. |
When ovn hardware offload is enabled with ovn-k8s as default CNI plugin, pods using veth as default interface type can no longer be created since OpenvSwitch is offloaded to the SmartNIC system (with current design). sriov-cni pod is affected in such case. This commit moves sriov-cni into config daemonset which runs in host network and doesn't use veth interface. This also remove the sriov-cni daemonset created by Operator.
zshi-redhat
force-pushed
the
sriov-cni-hostnetwork
branch
from
25d17eb
to
a7ba933
Compare
Added code to remove sriov-cni manifests |
Following k8snetworkplumbingwg#149, sriov-cni daemonset is no longer deployed separatly but as part of the config daemon daemonset. This lead to break the E2E tests, since the E2E tests wait for the sriov-cni daemonsets to be ready. This patch fix that by replacing the wait condition from the sriov-cni to the config-daemon daemonset.
Following k8snetworkplumbingwg#149, sriov-cni daemonset is no longer deployed separatly but as part of the config daemon daemonset. This breaks the E2E tests, since the E2E tests wait for the sriov-cni daemonsets to be ready. This patch fix that by replacing the wait condition from the sriov-cni daemonset to the config-daemon daemonset.
Following k8snetworkplumbingwg/sriov-network-operator#149, sriov-cni daemonset is no longer deployed separatly but as part of the config daemon daemonset. This breaks the E2E tests, since the E2E tests wait for the sriov-cni daemonsets to be ready. This patch fix that by replacing the wait condition from the sriov-cni daemonset to the config-daemon daemonset.
Following k8snetworkplumbingwg/sriov-network-operator#149, sriov-cni daemonset is no longer deployed separatly but as part of the config daemon daemonset. This breaks the E2E tests, since the E2E tests wait for the sriov-cni daemonsets to be ready. This patch fix that by replacing the wait condition from the sriov-cni daemonset to the config-daemon daemonset.
When ovn hardware offload is enabled with ovn-k8s as default
CNI plugin, pods using veth as default interface type can no
longer be created since OpenvSwitch is offloaded to the
SmartNIC system (with current design). sriov-cni pod is affected
in such case. This commit moves sriov-cni into config daemonset
which runs in host network and doesn't use veth interface.
This also remove the sriov-cni daemonset created by Operator.